Messages

Dear forumers, I had configured several cron jobs in opnsense web gui. My cron job is to reset the wan ip address every 15 minutes.

*/15    *    *    *    *    Reset WAN Interface    Periodic interface reset   


I tried to monitor the firewall logs and its block logs doesn't reflect the changes of wan ip address every 15 minutes. It doesn't change the wan ip address. Besides this, all my cron job doesn't take effect.

Please point me in the right direction to figure out what wrong with it.

I didn't configure anything for crowdsec except the collections.

Then you should probably follow the documentation I linked.

OK then, let me try to do it. Thanks.

Did you configure your private networks for crowdsec? I.e. is the default whitelist parser installed or did you create one manually a documented?

https://docs.crowdsec.net/u/getting_started/post_installation/whitelists/

I didn't configure anything for crowdsec except the collections.

Root cause:

1. OSCrowdsec service stop for temp
2. OPT1 no IP address (No lights) Swith to LAN port for now.

Questions:
1. Why crowdsec blocking my LAN - It detect connection IN?

Two issues are occured at my OPNSense box.

1. LAN block by firewall or suricata - cannot ping from LAN - Root cause is oscrowdsec service
2. OPT1 is not getting IP Address (No light). Hardware or Software failure ?

What are the log to look for in shell? I tried to disable pfctl -d and it able to ping from LAN to OPNsense box. Why it blocks?
How to resolve this? Please help. Thanks in advance.

I had stop suricata using command service suricata stop but it still cannot ping OPNSense from LAN. What are the others issue?

YaHai, The issue happen again. I cannot evern login into OPNSense web console. How to disable Suricata on LAN using command line? I using 24.7.12_4

Ya, I got it service suricata stop.

Hi @nicholaswkc,

The same happens on OPNsense 25.1 in my home lab : there are 2 interfaces in addition to WAN, ie. LAN and let's say OPT1. The issue also occurs without any change in configuration on OPNsense, and I could identify something : DHCP works fine if I plug the LAN endpoint on the OPT1 interface, but the connection fails when it is connected to the LAN interface itself. It appears therefore that the connectivity loss on LAN could be linked to DHCP specifically on LAN.

Yes, I do have DHCP enable on LAN.Apart from this, my OPT1 seems reset and going down and not reactivate again. It need to replug the cable in order to have full functional internet.

Please help. Thanks in advance.


Is DHCP activated on your LAN interface too? 

Dear all users, yesterday my firewall has some odd issues where my LAN not able to ping opnsense box(ping 192.168.1.1 and dig www.google.com). Today, the issue back to normal. This issue is very strange as i not touch anything that may possible break the setup.

Try check firewall logs first.
Second, will be unbound log.

Nmap scanning need to perform from WAN as point out by Patrick.

Glad to hear that.

Hope this will resolve in 25.1.1.

Can highlight this issue to dev @ FreeBSD?

Show us your vpn configuration and firewall rules.